[Infowarrior] - Book Preview: The Story of PGP
Richard Forno
rforno at infowarrior.org
Wed Apr 26 07:37:54 EDT 2006
The Story of PGP
by Michael W. Lucas
http://www.webmonkey.com/06/17/index4a.html
Webmonkey is pleased to present the introduction to the book PGP & GPG:
Email for the Practical Paranoid by Michael W. Lucas. Excerpt © 2006 No
Starch Press. Reprinted with permission.
Encryption is an old science, and as computers became more and more
powerful, the number of people working with encryption grew and grew.
Government officials grew increasingly concerned about the widespread
availability of encryption techniques. Although encryption has perfectly
valid uses for everyday citizens, it's also a powerful tool for criminals.
In 1991, Senate Bill 266 (a sweeping anticrime bill) had a minor point that
required government-accessible back doors in all encryption tools. While
this bill was still under discussion, Phil Zimmermann combined some common
encryption methods to produce the software he dubbed Pretty Good Privacy, or
PGP.
The ideas behind PGP had been known and understood by computer scientists
and mathematicians for years, so the underlying concepts weren't truly
innovative. Zimmermann's real innovation was in making these tools usable by
anyone with a home computer. Even early versions of PGP gave people with
standard DOS-based home computers access to military-grade encryption. While
Senate Bill 266 was still threading its way through the legislative process,
a friend of Zimmermann's distributed PGP as widely as possible in an effort
to make military-grade encryption widely available before the law could take
effect. The software was distributed to a variety of BBS systems as well as
on the internet (largely an academic and research network at the time, but
still with worldwide reach). Their activism contributed to the demise of
antiencryption legislation.
Zimmermann, a long-time antinuclear activist, believed that PGP would be of
most use to dissidents, rebels, and others who faced serious risks as a
consequence of their beliefs; in other words, to many people outside as
well as inside the United States. Ever since World War II, the United States
government has considered heavy-duty encryption a serious threat to national
security and would not allow it to be exported from the United States. (For
details, see the Wikipedia entry on "Export of Cryptography.") Exporting
encryption software, including PGP, required a license from the State
Department, and certain countries could not receive such software exports
under any circumstances. These rules were known as ITAR (for International
Traffic in Arms Regulations) and classified encryption tools as weapons of
war. Zimmermann decided to try to avoid the export restrictions by
exploiting the difference between written words and software.
Zimmermann originally wrote PGP in boring old everyday text (or "source
code"), just like that used in any book, and used computer-based tools to
convert the human-readable text into machine-readable code. This is standard
practice in the computer industry. The text is not software, just as the
blueprints for a car are not a car. Both the text and the blueprints are
necessary prerequisites for their respective final products, however.
Zimmermann took the text and had it published in book form.
Books are not considered software, even when the book contains the "source
code" instructions for a machine to make software. And books are not
munitions (those of you who have dropped one of those big thick computer
textbooks on your foot might take issue with this statement). Although many
books on cryptography did have export restrictions, Zimmermann could get an
export permit for his book of source code. Thus, people all over the world
were able to get the instructions to build their own PGP software. They
promptly built the software from those instructions, and PGP quickly became
a worldwide de facto standard for data encryption.
As you might guess, the US government considered this tactic merely a way to
get around munitions export restrictions. Zimmermann and his supporters
considered the book speech, as in "free speech," "First Amendment," and "do
you really want to go there?" The government sued, and over the next three
years Zimmermann and the administration went a few rounds in the courts.
This lawsuit turned Zimmermann into something of a hero in the computer
community. Many people downloaded PGP just to see what all the fuss was
about, and quite a few of them wound up using it. Zimmermann's legal defense
fund spread news of the PGP lawsuit even further. In congressional hearings
about encryption, Zimmermann read letters he had received from people in
oppressive regimes and war-torn areas whose lives had been saved by PGP,
contributing greatly to the public awareness of how valuable his work had
been. Also, PGP was available on the internet before the book was published;
the code was available from anywhere in the world. (Admittedly, you needed
internet access to get a copy, which was slightly difficult in the early
1990s.) The book was simply a legal device to make it possible for people
outside the United States to use PGP without breaking US law.
The story of the PGP lawsuit is fascinating and could fill a book this size
or larger. Where exactly is the line between speech and computer code? Also,
PGP was not distributed by Zimmermann himself, but by third parties. If
someone in Libya downloaded PGP from an MIT server, was Zimmermann
responsible? Lawyers fought these questions back and forth, but when it
became obvious that the courts firmly believed that the First Amendment
trumped State Department regulations, the State Department and subsequently
the government dropped the suit. This not only saved them some time, money,
effort, and humiliation at that moment but also prevented a legal precedent
deeming encryption generally exportable. If a future administration desires,
it can bring this issue back to the courts in more favorable circumstances
against some other defendant.
OpenPGP
Even without the US government looming over it, PGP had some basic technical
problems that cryptographers across the world quickly pointed out. The most
glaring was that PGP made heavy use of the patent-protected RSA and IDEA
encryption techniques; anyone who wanted to use PGP commercially needed to
pay a license fee to the patent holders. Many computer scientists and
security professionals found this unacceptable because they wanted an
encryption system that would be freely usable by both the general public and
businesses.
Zimmermann offered a solution in 1998, when his company, PGP Corporation,
submitted an improved PGP design called OpenPGP to the Internet Engineering
Task Force (IETF), the body responsible for internet standards. OpenPGP
defined standards by which different programs could communicate freely but
securely by using an enhanced version of the PGP protocol and a variety of
different encryption algorithms. This led the way for people and companies
to create their own implementations of OpenPGP from scratch, tailoring them
to meet their own requirements.
How Secure Is OpenPGP?
The OpenPGP standard is considered a military-grade, state-of-the-art
security system. Although you see these words attached to all sorts of
security products, OpenPGP is trusted by governments around the world, major
industrial manufacturers, medical facilities, and the best computer security
practitioners in the world.
That's not to say that OpenPGP is the be-all and end-all of computer
security. Misuse of OpenPGP can reduce your security by making you believe
that you're secure when you're not, much as if you leave for vacation and
forget to lock the front door of your house. Poor computer-management
practices might lock the front door but leave the key under the welcome mat
for anyone to find.
Also, given sufficient computing power, it is possible to break the
encryption used in any OpenPGP application. The National Security Agency is
rumored to have computers specifically engineered from the ground up
especially to break this sort of encryption. Of course, if someone is
willing to spend millions of dollars to get your information, there are
easier ways for them to get it, so I would say that when properly configured
and used, OpenPGP is strong enough to make people choose another method of
violating your privacy rather than try to break the encryption.
Today's PGP Corporation
Today, PGP Corporation is a major player in the world of cryptography and
information security, providing PGP software for many different platforms,
from PCs to handhelds and even Blackberry phones. PGP Corporation software
secures everything from email to instant messages to medical records.
PGP Corporation provides an implementation of OpenPGP that runs on popular
operating systems. It provides a PGP system that integrates seamlessly with
standard mail clients and desktops.
Although PGP Corporation was owned by Network Associates for a few years
during the dot-com boom, it is now an independent company with a variety of
big-name industry partners.
PGP is a commercial product, and PGP Corporation provides a whole range of
related support services. We're going to cover the basic version: the PGP
Desktop. (The corporate PGP solutions could fill a book on their own.)
Because PGP is a typical commercial product, you are expected to pay for it.
GnuPG is a freely available implementation of the OpenPGP standard that was
released to the public in 1999 by the German developer Werner Koch. It is
available for both Windows and Unix-like computers (including Mac OS X).
Because GnuPG conforms to the OpenPGP standard, it can be used to
communicate with people using any other OpenPGP-compliant software. "Freely
available" means that you can get it for free. You also get access to all the
source code used to create the program, which is not directly useful to many
readers but is vital to those who can do something with it. The formal name
of the software is GnuPG, but many people simply refer to it as GPG. No
matter which you use, people conversant with OpenPGP will understand what
you're talking about.
GnuPG is freely available, but that doesn't mean you can do anything you
want with it. Any personal use is fine. Use within a company is also fine.
If you want to use GnuPG within a commercial product and resell it, be
absolutely certain to read the full General Public License (GPL) and comply
with its terms! There is no such thing as "proprietary code" based on the
GPL. You have been warned.
PGP versus GnuPG
Hmm. GnuPG is free, and PGP costs money. Why would you not always use GnuPG?
There are several reasons why a person or organization might choose to
purchase PGP rather than use the free GnuPG, or vice versa, including ease
of use, support, transparency, and supported algorithms. All these reasons
make the choice of encryption software very situation-dependent. Take a look
at your options and pick the right tool for you.
Ease of Use
To use GnuPG, you must not be afraid to get code under your fingernails and
tangle with the operating system's command line. Although various GnuPG
add-ons provide a friendly user interface, they're not tightly integrated
with the main product, and when the main GnuPG software is updated, these
add-ons might or might not be updated. I wouldn't dream of setting up
Grandpa with GnuPG unless I really liked talking to him five days a week.
PGP Corporation puts a lot of effort into making its products work
transparently for the end user, in exactly the same manner as any other
desktop program. As a support person, I find this extremely valuable. If I
needed to set up the sales force, marketers, and accountants at my company
with a single cryptographic solution, I would choose PGP in a heartbeat on
this factor alone.
(The nontechnical staff at your company might be more tech-literate than
mine. If so, you're more fortunate than you realize. Please tell me where to
send my resume.)
Support
PGP Corporation has an extensive support organization. You can get phone
support for the desktop products or have a whole team of consultants
implement your company-wide PGP solution. When you buy PGP software, you get
30 days of free installation and setup support, which will allow enough time
for most people to become comfortable with the tool. Support afterward
exists at whatever level you require, for a fee.
GnuPG's support organization, on the other hand, is typical of free
software. Users are expected to read the software instructions, check the
GnuPG website, and search the mailing list archives and the internet before
contacting the mailing list for help. There is no phone number to call to
speak to the "owner" of GnuPG. If you are the sort of person who wants to
pick up a phone and yell at someone until they make your problem go away,
GnuPG just isn't for you. Although you can easily find expertise in GnuPG
and OpenPGP, and hiring a consultant to maintain GnuPG isn't that big a
deal, that's very different from having direct access to the vendor.
Although you might find an edge case for which one or the other program
doesn't work, or you might discover a software bug, both programs have
thousands and thousands of users who have exercised every piece of
functionality countless times. If you have a problem, one of these users has
almost certainly already had that same problem, asked for help on a mailing
list or message board, and received assistance. I find that a web search
answers questions on either tool far more quickly than a phone call ever
could.
Auditing, algorithms, and the law
Transparency
Transparency refers to how much of the software is visible. For most users,
this is irrelevant; they just want the software to work properly, without
causing system crashes or scrambling their recipe collection. You're
probably in this category. In the security industry, however, transparency
is a vital question.
People who are serious about security (serious as in "billions and billions
of dollars and/or many human lives depend on this information remaining
private") hire security experts to evaluate their security software and
point out problems. The process of reviewing code and algorithms for
problems is called auditing.
Encryption is an old science, and one of its primordial rules is that
knowing how a good encryption scheme works doesn't help you break it.
Encryption schemes that are available for review by the general public are
the only ones that professional cryptographers take seriously. The
cryptography behind OpenPGP has been continuously audited for 10 years now
by people who would be delighted to find problems with it. Discovering a
problem in OpenPGP would be a sure-fire way to gain fame within the
cryptography community, much as discovering how to build a
100-mile-per-gallon, high-performance gasoline engine would be in the auto
industry. Both seem impossible, but many people try.
However, both PGP and GnuPG are more than the algorithms used by OpenPGP.
There's a whole bunch of source code in and around those algorithms. A bad
guy could find a problem with that source code and use it to break the
protection provided by the software. That source code requires auditing by
skilled individuals to ensure its safety. GnuPG's source code is open for
audit by anyone in the world and is checked by many different people of
differing skill levels. PGP's source code is open for audit only to
customers, but many of those customers hire very skilled people specifically
to audit the code.
Algorithm Support
The original PGP used encryption methods that were encumbered by patents at
the time PGP was created. Some of those encryption methods are now in the
public domain, but one (IDEA) is protected by patents in Europe. OpenPGP has
moved beyond all of these algorithms, but you might find references to them
if you encounter old versions of PGP. You don't need to understand what IDEA
is, but you do need to recognize it if you encounter it and have to deal
with it.
GnuPG does not support IDEA because IDEA is less than completely free. IDEA
is licensed under very liberal terms: it's free for non-commercial use; if
you've ever bought a product that includes IDEA you have a lifetime,
royalty-free IDEA license; and if all else fails you can buy an IDEA license
online for $18.93. Those terms are modest, especially for modern software,
but it doesn't meet GnuPG's standards. (Hey, it's their software; they set
the standards.) You can hack GnuPG to support IDEA, but the GnuPG folks
won't do it for you. PGP Corporation has paid the patent holder, and when
you buy PGP you get access to that cipher. OpenPGP no longer requires IDEA,
but some businesses might require it. If you find a 10-year-old encrypted
file you need to open, you'll need IDEA. Otherwise, it's irrelevant.
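The excerpt says OpenPGP lets programs negotiate "a variety of different encryption algorithms" and that you need to recognise IDEA when an old file turns up. Both are visible in the binary packet framing of an OpenPGP message, where each session-key packet names its cipher by a numeric ID (IDEA is ID 1). The following is an added example, not code from the book, from PGP Corporation or from GnuPG: a small Python parser for the packet headers and the session-key packets defined in RFC 4880, run over a constructed sample stream that is not a real message. Algorithm IDs and packet tags are taken from RFC 4880; the key ID, salt and ciphertext bytes in the sample are made up.

```python
"""Inspect an OpenPGP packet stream and name the algorithms it declares.

Added example (not code from the book or from PGP/GnuPG): a minimal walk over
the binary packet framing defined in RFC 4880 so that an old IDEA-protected
file can be recognised before you try to open it. The sample stream below is
constructed for the example; it is not a real PGP message.
"""

# Algorithm registries from RFC 4880, sections 9.1-9.4. IDEA is ID 1, which is
# why it still shows up in files produced by early PGP versions.
SYMMETRIC_ALGORITHMS = {
    0: "Plaintext", 1: "IDEA", 2: "TripleDES", 3: "CAST5", 4: "Blowfish",
    7: "AES-128", 8: "AES-192", 9: "AES-256", 10: "Twofish",
}
PUBLIC_KEY_ALGORITHMS = {
    1: "RSA", 2: "RSA (encrypt-only)", 3: "RSA (sign-only)",
    16: "Elgamal (encrypt-only)", 17: "DSA",
}
HASH_ALGORITHMS = {
    1: "MD5", 2: "SHA-1", 3: "RIPEMD-160", 8: "SHA-256",
    9: "SHA-384", 10: "SHA-512", 11: "SHA-224",
}
PACKET_TAGS = {
    1: "Public-Key Encrypted Session Key", 2: "Signature",
    3: "Symmetric-Key Encrypted Session Key", 5: "Secret Key", 6: "Public Key",
    8: "Compressed Data", 9: "Symmetrically Encrypted Data",
    11: "Literal Data", 13: "User ID",
    18: "Sym. Encrypted and Integrity Protected Data",
}


def parse_header(data: bytes, pos: int) -> tuple[int, int, int]:
    """Decode one packet header at `pos`; return (tag, body_length, header_length)."""
    ctb = data[pos]
    if not ctb & 0x80:
        raise ValueError(f"byte at {pos} is not an OpenPGP packet header")
    if ctb & 0x40:  # new-format header (RFC 4880 4.2.2): tag in the low six bits
        tag = ctb & 0x3F
        first = data[pos + 1]
        if first < 192:
            return tag, first, 2
        if first < 224:
            return tag, ((first - 192) << 8) + data[pos + 2] + 192, 3
        if first == 255:
            return tag, int.from_bytes(data[pos + 2:pos + 6], "big"), 6
        raise ValueError("partial body lengths are not handled by this example")
    # old-format header (RFC 4880 4.2.1): tag in bits 5-2, length type in bits 1-0
    tag = (ctb >> 2) & 0x0F
    length_type = ctb & 0x03
    if length_type == 3:
        raise ValueError("indeterminate-length packets are not handled by this example")
    n = 1 << length_type  # 1, 2 or 4 length octets
    return tag, int.from_bytes(data[pos + 1:pos + 1 + n], "big"), 1 + n


def describe_packet(tag: int, body: bytes) -> dict:
    """Pull the algorithm identifiers out of the packets that carry them."""
    info = {"tag": tag, "name": PACKET_TAGS.get(tag, f"Unknown tag {tag}")}
    if tag == 3 and len(body) >= 4:
        # version, symmetric algorithm, then the string-to-key specifier (type, hash)
        info["symmetric_algorithm"] = SYMMETRIC_ALGORITHMS.get(body[1], f"Unknown ({body[1]})")
        info["s2k_hash"] = HASH_ALGORITHMS.get(body[3], f"Unknown ({body[3]})")
    elif tag == 1 and len(body) >= 10:
        # version, 8-octet key ID, public-key algorithm; the session key that
        # follows is encrypted, so its cipher ID is not visible at this layer
        info["key_id"] = body[1:9].hex().upper()
        info["public_key_algorithm"] = PUBLIC_KEY_ALGORITHMS.get(body[9], f"Unknown ({body[9]})")
    return info


def inspect_packets(data: bytes) -> list[dict]:
    """Walk a whole packet stream, failing loudly on truncation."""
    packets, pos = [], 0
    while pos < len(data):
        tag, length, header_len = parse_header(data, pos)
        start, end = pos + header_len, pos + header_len + length
        if end > len(data):
            raise ValueError(f"packet at {pos} claims {length} bytes but the stream is truncated")
        packets.append(describe_packet(tag, data[start:end]))
        pos = end
    return packets


def uses_idea(packets: list[dict]) -> bool:
    """True when any session-key packet names IDEA, i.e. stock GnuPG will refuse it."""
    return any(p.get("symmetric_algorithm") == "IDEA" for p in packets)


# Constructed sample stream (not a real message), four packets:
#  1. old-format tag 3, IDEA, simple S2K with MD5        -> typical of early PGP
#  2. new-format tag 3, AES-256, iterated+salted S2K with SHA-256
#  3. old-format tag 1 with a 2-octet length, RSA, made-up key ID, 8-bit MPI
#  4. new-format tag 18 with three bytes of placeholder ciphertext
SAMPLE_STREAM = bytes.fromhex(
    "8C04" "04010001"
    "C30D" "04090308" "0011223344556677" "60"
    "85000D" "03" "ABCDEF0123456789" "01" "0008FF"
    "D203" "01AABB"
)

if __name__ == "__main__":
    for packet in inspect_packets(SAMPLE_STREAM):
        print(packet)
    print("needs IDEA:", uses_idea(inspect_packets(SAMPLE_STREAM)))
```

Running the block prints one line per packet and reports that the sample needs IDEA, because the first session-key packet names cipher ID 1. On a real file you would read the bytes from disk (after ASCII-armor decoding if the message is armored) and feed them to `inspect_packets`; a `ValueError` on truncation or on the partial-body lengths this example does not handle tells you the file needs a full implementation rather than a quick look.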
OpenPGP and the Law
OpenPGP uses some of the strongest public-key encryption algorithms
available to cryptographers anywhere. And I do mean strong. Law enforcement
officials cannot break into a file properly protected with GnuPG, and some
governments just don't like their citizens having such strong protection.
Some countries allow their citizens to use strong encryption algorithms, but
only in a limited and breakable manner. Others require that all encryption
keys be given to a "key escrow" agency, so that if you become a criminal
mastermind the government can get your key from the escrow agency and
decrypt your incriminating messages. This is much like asking muggers to
register their Saturday Night Specials before committing holdups and
roughly as effective.
To make matters more confusing, these laws change irregularly. If you are in
doubt about the laws regarding encryption use in your country, check with a
local computing professional or lawyer. Googling for "encryption law survey"
will uncover several websites on the topic, including a very good survey at
http://rechten.uvt.nl/koops/cryptolaw.
Excerpted from the introduction to PGP & GPG: Email for the Practical
Paranoid by Michael W. Lucas. © 2006, No Starch Press. Used with
permission. All rights reserved.
Michael W. Lucas is a network/security engineer. He is the author of the
critically acclaimed Absolute BSD, Absolute OpenBSD, and Cisco Routers for
the Desperate. He also writes the column Big Scary Daemons at O'Reilly's BSD
DevCenter.